Zuck gets a Brazilian whack: Top Facebook VP cuffed in WhatsApp privacy kerfuffle Facebook's most senior executive in Latin America has been arrested over the social network's refusal to hand over its users' private data. Brazilian police confirmed Diego Dzodan's arrest after he failed to comply with a court order to provide the private chat messages of a suspected drug trafficker sent through the Facebook- …
If Facebook and Twitter shut all access to Brazilian IP addresses, Brazil would have a new domestic, entrenched social network over night. Remember that Orkut dominated that market in Brazil until its shutdown.
Kudos to countries like Japan who will never let the yankee digital imperialists in.
If, as we're led to believe, WhatsApp uses end-to-end encryption, how does the judge think anyone can decrypt it?
The judge better arrest every mathematician since Al-Quarismi.
(Note to the reader: the Brazilian Judiciary is probably best described as "not the cream of Harvard Law School".)
If, as we're led to believe, WhatsApp uses end-to-end encryption, how does the judge think anyone can decrypt it?
I suspect that the judge not unreasonably expects a Man in the Middle called Facebook to have access. Wherever those servers live is where they are legally exposed, and WhatsApp was not designed to be safe - crypto was introduced later.
Come to think of it. it's almost as if this judge is attempting a reverse Microsoft vs DoJ - as you do business here, give us access to other stuff you have abroad...
Imagine you're a judge, not a techie, and def not a crypto wiz.
You're used to people lying to you all the time and white collar types doing so with big technical words.
So, throw them in jail. If they're lying, they'll soon change their tune, and if they're not, and don't, then after a while you might decide to believe them. We should have done that to a few bankers.
I have some sympathy with the judge. In the UK statutory interest on damages is still only simple, (though compound can be requested). Lawyers really don't do math.
Oh, it's surprising how quickly companies start to behave if they CEO and/or board members, instead of some lowly scape goat, will be the ones behind bars if things go south. Suit types tend not to be iron bar-friendly. It can inspire a lot of do-the-right-thing motivations from on high :)
The point is: Ultra posse nemo obligatur ("No one is obligated beyond what he is able to do").
Brasil has a mostly Civil Law system and there is no way a suit can be held in jail because his foreign employer refuses to obey a Brasilian Court. Not unless he has the capability to change the situation personally which he doesn't because he's a mid-level functionary rather that the "controlling mind" of the corporation or a cryptographer.
I'm skeptical about anything that has security retro-fitted and that has not had an audit from a trustworthy, independent 3rd party, period.
Some of the people I worked with would have given their left arm for the ability to so easily intercept on a global scale because setting up an SMS intercept is a lot more work (find the telco involved via the number, file warrant, get access) which gets worse if the target uses a foreign number. WhatsApp is offering exactly that, so any claim about any security being in YOUR interest should be met with the cynicism it deserves.
Dear US (et al): please take note.
The idea that data can be secure but magically able to be accessed by 'authorised' parties is naive enough. Anyone who thinks that other countries (who may or may not be unfriendly towards the US) can't or won't follow suit is not only naive but stupid. Dangerously so.
Strong encryption is the best way to make sure that unintended parties do not get their hands on information and strong encryption is incompatible with laws requiring a third party (any third party) to be able to arbitrarily decrypt any communication or packet of data.
The two cannot co-exist: if a third party can decrypt your data, the encryption is, ipso fact, not 'strong' and not suitable to protect the data.
I think the recent revelation of DROWN and its roots in (forced) weak cryptography should be proof enough of that.
These ignorant CEOs think they are God and that they are exempt from law and court orders. They are wrong and Tim Cook should be in jail until Apple unlocks the phone of the mass murderer as ordered by the court. The victim's rights are far more important than a criminal's rights.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
